<?php
if (!defined('CURRENT_PATH')){
	die('Hacking attempt');
	}
$aa=spClass('manage');	
if($_REQUEST['act']&&$_REQUEST['act']=='del'){
$id=intval($_REQUEST['id']);
$res=$aa->find($conditions=array('id'=>$id),$sort = null, $fields ='system');
if($res[system]!=1){
	$aa->delete($conditions=array('id'=>$id));
	$this->success("恭喜，管理员删除成功");	 
}else{
	$this->error("不能删除系统管理员"); 
}	
}else if($_REQUEST['act']&&$_REQUEST['act']=='update'){
$uid=intval($_REQUEST['id']);
//dump($this->spArgs());
$authArray=array('a_0','a_1','a_2','a_3','a_4','a_5');
foreach($authArray as $id=> $v){
	if ($this->spArgs($v)=='on'){
		$auth[$id]=1;		
		}else{
		$auth[$id]=0;	
		}
	}
$aa->updateField($conditions=array('id'=>$uid), $field='auth',$value=serialize($auth));
	$this->success("恭喜，管理权限修改成功");			
}else if($_REQUEST['act']&&$_REQUEST['act']=='add'){
$this->display('management/adminadd_2.html');
}else{
 $res=$aa->find($conditions=array('id'=>$_SESSION['id']),$sort = null, $fields ='system');
 if($res[system]==1){
	 $res=$aa->findAll($conditions = null, $sort = null, $fields = 'id,username,name,auth,system', $limit = null);
	foreach ($res as $id => $v){
		$res[$id][auth]=unserialize($v[auth]);
		}
		//dump($res);
	 $this->res=$res;
	 $this->display('management/admin_auth.html');	
	}else{
	$this->error("没有权限访问！");	
}			
}	